Analysis

  • max time kernel
    122s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/01/2024, 19:10

General

  • Target

    4c3b93ec72e05d4128b2e2daae18153a.dll

  • Size

    312KB

  • MD5

    4c3b93ec72e05d4128b2e2daae18153a

  • SHA1

    11f649235e7fabb38d7883a933b0bb9a89090db8

  • SHA256

    22ce8f459a3cbc7f748a0b019d35b9ece62bd07bfc2f2d55737a1353b0136d46

  • SHA512

    327916715bd20eddb399e61a09276a25cda669f41679ca2ccd45fada8178a5d8d77e3213df40018bc06351d939532f9acfdcb583512703f046b9c1f40851ea93

  • SSDEEP

    3072:7pWe5vAIq4cKeCI6KTzDjTKApHbhALu5bP9KOybjF+Vt4vlxkMgTwKKCWI8UFtmx:7pKI26s77hHVI323TuCoCen

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\4c3b93ec72e05d4128b2e2daae18153a.dll,#1
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2224
  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\4c3b93ec72e05d4128b2e2daae18153a.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1696

Network

MITRE ATT&CK Matrix
